Overview
Explore the critical issues surrounding firmware supply chain security in this 37-minute Black Hat conference talk. Delve into the challenges faced by hardware vendors who outsource components, including firmware, to ODMs. Examine how this practice limits vendors' control over their products, creates additional supply chain security risks, and introduces gaps in threat modeling. Gain insights into the complexities of fixing known vulnerabilities in firmware. Join speakers Alex Matrosov, Alex Ermolov, Kai Michaelis, and Richard Hughes as they raise awareness about the risks inherent in the firmware supply chain and discuss potential solutions to this pressing cybersecurity concern.
Syllabus
The Firmware Supply-Chain Security Is Broken: Can We Fix It?
Taught by
Black Hat